| line |
true |
false |
branch |
|
235
|
0 |
6668 |
if (!key) |
|
255
|
0 |
4477 |
psAssert(key); |
|
282
|
0 |
4316 |
if ((k = psMalloc(pool, sizeof(psEccKey_t))) == NULL) |
|
287
|
0 |
4316 |
if ((rc = psEccInitKey(pool, k, curve)) < 0) |
|
301
|
2203 |
0 |
if (to->pool == NULL) |
|
314
|
0 |
2203 |
if ((rc = pstm_init_copy(to->pool, &to->pubkey.x, &from->pubkey.x, 0)) |
|
319
|
0 |
2203 |
if ((rc = pstm_init_copy(to->pool, &to->pubkey.y, &from->pubkey.y, 0)) |
|
324
|
0 |
2203 |
if ((rc = pstm_init_copy(to->pool, &to->pubkey.z, &from->pubkey.z, 0)) |
|
331
|
2203 |
0 |
if (to->type == PS_PRIVKEY) |
|
333
|
0 |
2203 |
if ((rc = pstm_init_copy(to->pool, &to->k, &from->k, 0)) |
|
341
|
0 |
2203 |
if (rc < 0) |
|
369
|
105 |
0 |
if (key && key->curve) |
|
|
105 |
0 |
if (key && key->curve) |
|
396
|
105 |
0 |
if (len < 1 || |
|
|
105 |
0 |
if (len < 1 || |
|
397
|
105 |
0 |
*(p++) != ASN_OID || |
|
398
|
0 |
105 |
getAsnLength(&p, (uint16_t) (end - p), &arcLen) < 0 || |
|
420
|
555 |
105 |
while (arcLen > 0) |
|
426
|
0 |
105 |
if (getEccParamByOid(oid, &eccCurve) < 0) |
|
432
|
105 |
0 |
if ((uint16_t) (end - p) < 1 || (*(p++) != ASN_BIT_STRING) || |
|
433
|
105 |
0 |
getAsnLength(&p, len - 1, &arcLen) < 0 || |
|
434
|
0 |
105 |
(uint16_t) (end - p) < arcLen || |
|
460
|
0 |
105 |
if (psEccX963ImportKey(pool, p, arcLen, pubKey, eccCurve) < 0) |
|
491
|
29 |
0 |
if (!key || !curve) |
|
|
0 |
29 |
if (!key || !curve) |
|
504
|
0 |
29 |
if (buf == NULL) |
|
512
|
0 |
29 |
if (pstm_init_for_read_unsigned_bin(pool, &order, keysize) < 0) |
|
518
|
0 |
29 |
if ((err = pstm_read_radix(pool, &order, key->curve->order, slen, 16)) |
|
527
|
0 |
3344 |
if (psGetPrngLocked(buf, keysize, usrData) != keysize) |
|
534
|
0 |
3344 |
if (pstm_init_for_read_unsigned_bin(pool, &rand, keysize) < 0) |
|
541
|
0 |
3344 |
if ((err = pstm_read_unsigned_bin(&rand, buf, keysize)) != PS_SUCCESS) |
|
549
|
3315 |
29 |
if (pstm_cmp(&rand, &order) == PSTM_GT) |
|
557
|
0 |
29 |
if (key->curve->isOptimized == 0) |
|
559
|
0 |
0 |
if ((A = psMalloc(pool, sizeof(pstm_int))) == NULL) |
|
564
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, A, keysize) < 0) |
|
570
|
0 |
0 |
if ((err = pstm_read_radix(pool, A, key->curve->A, slen, 16)) |
|
577
|
0 |
29 |
if (pstm_init_for_read_unsigned_bin(pool, &prime, keysize) < 0) |
|
584
|
0 |
29 |
if (base == NULL) |
|
591
|
0 |
29 |
if ((err = pstm_read_radix(pool, &prime, key->curve->prime, slen, 16)) |
|
596
|
0 |
29 |
if ((err = pstm_read_radix(pool, &base->x, key->curve->Gx, slen, 16)) |
|
601
|
0 |
29 |
if ((err = pstm_read_radix(pool, &base->y, key->curve->Gy, slen, 16)) |
|
608
|
0 |
29 |
if (pstm_init_for_read_unsigned_bin(pool, &key->k, keysize) < 0) |
|
613
|
0 |
29 |
if ((err = pstm_read_unsigned_bin(&key->k, buf, keysize)) |
|
620
|
0 |
29 |
if (pstm_init_size(pool, &key->pubkey.x, (key->k.used * 2) + 1) < 0) |
|
625
|
0 |
29 |
if (pstm_init_size(pool, &key->pubkey.y, (key->k.used * 2) + 1) < 0) |
|
630
|
0 |
29 |
if (pstm_init_size(pool, &key->pubkey.z, (key->k.used * 2) + 1) < 0) |
|
635
|
0 |
29 |
if ((err = eccMulmod(pool, &key->k, base, &key->pubkey, &prime, 1, A)) != |
|
646
|
0 |
29 |
if (A) |
|
659
|
0 |
0 |
if (A) |
|
693
|
0 |
0 |
if ((rc = psPkcs1DecodePrivFile(pool, fileName, password, &DERout, &DERlen)) < 0) |
|
698
|
0 |
0 |
if ((rc = psEccParsePrivKey(pool, DERout, DERlen, key, NULL)) < 0) |
|
704
|
0 |
0 |
if ((rc = psPkcs8ParsePrivBin(pool, DERout, DERlen, (char *) password, |
|
737
|
0 |
0 |
if (getAsnSequence(&buf, (uint16_t) (end - buf), &len) < 0) |
|
742
|
0 |
0 |
if (getAsnInteger(&buf, (uint16_t) (end - buf), &asnInt) < 0 || |
|
|
0 |
0 |
if (getAsnInteger(&buf, (uint16_t) (end - buf), &asnInt) < 0 || |
|
750
|
0 |
0 |
getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
751
|
0 |
0 |
(uint16_t) (end - buf) < len || |
|
760
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &key->k, len) != PS_SUCCESS) |
|
765
|
0 |
0 |
if (pstm_read_unsigned_bin(&key->k, buf, len) != PS_SUCCESS) |
|
773
|
0 |
0 |
if (*buf == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) |
|
778
|
0 |
0 |
if (getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
|
0 |
0 |
if (getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
779
|
0 |
0 |
(uint16_t) (end - buf) < len || |
|
787
|
0 |
0 |
getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
796
|
0 |
0 |
while (len > 0) |
|
801
|
0 |
0 |
if (getEccParamByOid(oid, &eccCurve) < 0) |
|
806
|
0 |
0 |
if (curve != NULL && curve != eccCurve) |
|
|
0 |
0 |
if (curve != NULL && curve != eccCurve) |
|
814
|
0 |
0 |
else if (curve != NULL) |
|
824
|
0 |
0 |
if (*buf == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1)) |
|
828
|
0 |
0 |
if (getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
|
0 |
0 |
if (getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
829
|
0 |
0 |
(uint16_t) (end - buf) < len || |
|
837
|
0 |
0 |
getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
838
|
0 |
0 |
(uint16_t) (end - buf) < len || |
|
846
|
0 |
0 |
if (ignore_bits != 0) |
|
853
|
0 |
0 |
if (psEccX963ImportKey(pool, buf, len, key, key->curve) < 0) |
|
864
|
0 |
0 |
if (buf < end && |
|
|
0 |
0 |
if (buf < end && |
|
865
|
0 |
0 |
*buf == ANSI_UNCOMPRESSED && /* Uncompressed is the only format we support. */ |
|
868
|
0 |
0 |
if (psEccX963ImportKey(pool, buf, (end - buf), key, key->curve) < 0) |
|
877
|
0 |
0 |
if (end != buf) |
|
882
|
0 |
0 |
while (buf < end) |
|
884
|
0 |
0 |
if (*buf != len) |
|
904
|
0 |
2233 |
if (curveId == 0) |
|
911
|
2295 |
0 |
while (eccCurves[i].size > 0) |
|
913
|
2233 |
62 |
if (curveId == eccCurves[i].curveId) |
|
928
|
220 |
0 |
while (eccCurves[i].size > 0) |
|
930
|
105 |
115 |
if (oid == eccCurves[i].OIDsum) |
|
946
|
0 |
0 |
while (eccCurves[i].size > 0) |
|
948
|
0 |
0 |
if (strcmp(curveName, eccCurves[i].name) == 0) |
|
967
|
55780 |
11156 |
while (eccCurves[i].size > 0) |
|
969
|
55780 |
0 |
if (listLen < (*len - 2)) |
|
989
|
6 |
0 |
if (curves & IS_SECP521R1) |
|
991
|
6 |
0 |
if (getEccParamById(IANA_SECP521R1, &curve) == 0) |
|
993
|
6 |
0 |
if (listLen < (*len - 2)) |
|
1000
|
0 |
6 |
if (curves & IS_BRAIN512R1) |
|
1002
|
0 |
0 |
if (getEccParamById(IANA_BRAIN512R1, &curve) == 0) |
|
1004
|
0 |
0 |
if (listLen < (*len - 2)) |
|
1011
|
6 |
0 |
if (curves & IS_SECP384R1) |
|
1013
|
6 |
0 |
if (getEccParamById(IANA_SECP384R1, &curve) == 0) |
|
1015
|
6 |
0 |
if (listLen < (*len - 2)) |
|
1022
|
0 |
6 |
if (curves & IS_BRAIN384R1) |
|
1024
|
0 |
0 |
if (getEccParamById(IANA_BRAIN384R1, &curve) == 0) |
|
1026
|
0 |
0 |
if (listLen < (*len - 2)) |
|
1033
|
6 |
0 |
if (curves & IS_SECP256R1) |
|
1035
|
6 |
0 |
if (getEccParamById(IANA_SECP256R1, &curve) == 0) |
|
1037
|
6 |
0 |
if (listLen < (*len - 2)) |
|
1044
|
0 |
6 |
if (curves & IS_BRAIN256R1) |
|
1046
|
0 |
0 |
if (getEccParamById(IANA_BRAIN256R1, &curve) == 0) |
|
1048
|
0 |
0 |
if (listLen < (*len - 2)) |
|
1055
|
6 |
0 |
if (curves & IS_SECP224R1) |
|
1057
|
6 |
0 |
if (getEccParamById(IANA_SECP224R1, &curve) == 0) |
|
1059
|
6 |
0 |
if (listLen < (*len - 2)) |
|
1066
|
0 |
6 |
if (curves & IS_BRAIN224R1) |
|
1068
|
0 |
0 |
if (getEccParamById(IANA_BRAIN224R1, &curve) == 0) |
|
1070
|
0 |
0 |
if (listLen < (*len - 2)) |
|
1077
|
6 |
0 |
if (curves & IS_SECP192R1) |
|
1079
|
6 |
0 |
if (getEccParamById(IANA_SECP192R1, &curve) == 0) |
|
1081
|
6 |
0 |
if (listLen < (*len - 2)) |
|
1136
|
19268 |
0 |
return (n >= a->used) ? (pstm_digit) 0 : a->dp[n]; |
|
1165
|
0 |
2142 |
if ((err = pstm_montgomery_setup(modulus, &mp)) != PS_SUCCESS) |
|
1169
|
0 |
2142 |
if ((err = pstm_init_size(pool, &mu, modulus->alloc)) != PS_SUCCESS) |
|
1173
|
0 |
2142 |
if ((err = pstm_montgomery_calc_normalization(&mu, modulus)) != PS_SUCCESS) |
|
1180
|
17136 |
2142 |
for (i = 0; i < 8; i++) |
|
1183
|
0 |
17136 |
if (M[i] == NULL) |
|
1185
|
0 |
0 |
for (j = 0; j < i; j++) |
|
1196
|
0 |
2142 |
if (tG == NULL) |
|
1203
|
0 |
2142 |
if (pstm_cmp_d(&mu, 1) == PSTM_EQ) |
|
1205
|
0 |
0 |
if ((err = pstm_copy(&G->x, &tG->x)) != PS_SUCCESS) |
|
1209
|
0 |
0 |
if ((err = pstm_copy(&G->y, &tG->y)) != PS_SUCCESS) |
|
1213
|
0 |
0 |
if ((err = pstm_copy(&G->z, &tG->z)) != PS_SUCCESS) |
|
1220
|
0 |
2142 |
if ((err = pstm_mulmod(pool, &G->x, &mu, modulus, &tG->x)) != PS_SUCCESS) |
|
1224
|
0 |
2142 |
if ((err = pstm_mulmod(pool, &G->y, &mu, modulus, &tG->y)) != PS_SUCCESS) |
|
1228
|
0 |
2142 |
if ((err = pstm_mulmod(pool, &G->z, &mu, modulus, &tG->z)) != PS_SUCCESS) |
|
1237
|
0 |
2142 |
if ((err = eccProjectiveDblPoint(pool, tG, M[0], modulus, &mp, tmp_int)) != PS_SUCCESS) |
|
1241
|
0 |
2142 |
if ((err = eccProjectiveDblPoint(pool, M[0], M[0], modulus, &mp, tmp_int)) != |
|
1246
|
0 |
2142 |
if ((err = eccProjectiveDblPoint(pool, M[0], M[0], modulus, &mp, tmp_int)) != |
|
1253
|
14994 |
2142 |
for (j = 9; j < 16; j++) |
|
1255
|
0 |
14994 |
if ((err = eccProjectiveAddPoint(pool, M[j - 9], tG, M[j - 8], modulus, |
|
1274
|
21410 |
1213884 |
if (--bitcnt == 0) |
|
1276
|
2142 |
19268 |
if (digidx == -1) |
|
1290
|
122945 |
1110207 |
if (mode == 0 && i == 0) |
|
|
120803 |
2142 |
if (mode == 0 && i == 0) |
|
1296
|
418424 |
693925 |
if (mode == 1 && i == 0) |
|
|
188616 |
229808 |
if (mode == 1 && i == 0) |
|
1298
|
0 |
188616 |
if ((err = eccProjectiveDblPoint(pool, R, R, modulus, &mp, tmp_int)) != |
|
1310
|
229961 |
693772 |
if (bitcpy == ECC_MULMOD_WINSIZE) |
|
1313
|
2142 |
227819 |
if (first == 1) |
|
1316
|
0 |
2142 |
if ((err = pstm_copy(&M[bitbuf - 8]->x, &R->x)) != PS_SUCCESS) |
|
1320
|
0 |
2142 |
if ((err = pstm_copy(&M[bitbuf - 8]->y, &R->y)) != PS_SUCCESS) |
|
1324
|
0 |
2142 |
if ((err = pstm_copy(&M[bitbuf - 8]->z, &R->z)) != PS_SUCCESS) |
|
1335
|
911276 |
227819 |
for (j = 0; j < ECC_MULMOD_WINSIZE; j++) |
|
1337
|
0 |
911276 |
if ((err = eccProjectiveDblPoint(pool, R, R, modulus, &mp, tmp_int)) |
|
1345
|
0 |
227819 |
if ((err = eccProjectiveAddPoint(pool, R, M[bitbuf - 8], R, |
|
1358
|
1989 |
153 |
if (mode == 2 && bitcpy > 0) |
|
|
1989 |
0 |
if (mode == 2 && bitcpy > 0) |
|
1361
|
3889 |
1989 |
for (j = 0; j < bitcpy; j++) |
|
1364
|
3889 |
0 |
if (first == 0) |
|
1366
|
0 |
3889 |
if ((err = eccProjectiveDblPoint(pool, R, R, modulus, &mp, tmp_int)) != |
|
1374
|
2921 |
968 |
if ((bitbuf & (1 << ECC_MULMOD_WINSIZE)) != 0) |
|
1376
|
0 |
2921 |
if (first == 1) |
|
1379
|
0 |
0 |
if ((err = pstm_copy(&tG->x, &R->x)) != PS_SUCCESS) |
|
1383
|
0 |
0 |
if ((err = pstm_copy(&tG->y, &R->y)) != PS_SUCCESS) |
|
1387
|
0 |
0 |
if ((err = pstm_copy(&tG->z, &R->z)) != PS_SUCCESS) |
|
1396
|
0 |
2921 |
if ((err = eccProjectiveAddPoint(pool, R, tG, R, modulus, |
|
1407
|
2142 |
0 |
if (map) |
|
1419
|
17136 |
2142 |
for (i = 0; i < 8; i++) |
|
1434
|
0 |
2218 |
if ((err = pstm_init(pool, &t1)) < 0) |
|
1438
|
0 |
2218 |
if ((err = pstm_init(pool, &t2)) < 0) |
|
1445
|
0 |
2218 |
if ((paD = psMalloc(pool, paDlen)) == NULL) |
|
1453
|
0 |
2218 |
if ((err = pstm_sqr_comba(pool, &P->y, &t1, paD, paDlen)) < 0) |
|
1459
|
0 |
2218 |
if ((err = pstm_sqr_comba(pool, &P->x, &t2, paD, paDlen)) < 0) |
|
1463
|
0 |
2218 |
if ((err = pstm_mod(pool, &t2, prime, &t2)) < 0) |
|
1468
|
0 |
2218 |
if ((err = pstm_mul_comba(pool, &P->x, &t2, &t2, paD, paDlen)) < 0) |
|
1474
|
0 |
2218 |
if ((err = pstm_sub(&t1, &t2, &t1)) < 0) |
|
1480
|
0 |
2218 |
if ((err = pstm_add(&t1, &P->x, &t1)) < 0) |
|
1484
|
0 |
2218 |
if ((err = pstm_add(&t1, &P->x, &t1)) < 0) |
|
1488
|
0 |
2218 |
if ((err = pstm_add(&t1, &P->x, &t1)) < 0) |
|
1492
|
0 |
2218 |
if ((err = pstm_mod(pool, &t1, prime, &t1)) < 0) |
|
1496
|
0 |
2218 |
while (pstm_cmp_d(&t1, 0) == PSTM_LT) |
|
1498
|
0 |
0 |
if ((err = pstm_add(&t1, prime, &t1)) < 0) |
|
1503
|
0 |
2218 |
while (pstm_cmp(&t1, prime) != PSTM_LT) |
|
1505
|
0 |
0 |
if ((err = pstm_sub(&t1, prime, &t1)) < 0) |
|
1512
|
0 |
2218 |
if (pstm_cmp(&t1, b) != PSTM_EQ) |
|
1555
|
2218 |
0 |
if (inlen < ((2 * (MIN_ECC_BITS / 8)) + 1) || (inlen & 1) == 0) |
|
|
0 |
2218 |
if (inlen < ((2 * (MIN_ECC_BITS / 8)) + 1) || (inlen & 1) == 0) |
|
1562
|
2218 |
0 |
if (key->type != PS_PRIVKEY) |
|
1564
|
0 |
2218 |
if (psEccInitKey(pool, key, curve) < 0) |
|
1570
|
0 |
2218 |
if (pstm_init_for_read_unsigned_bin(pool, &key->pubkey.x, |
|
1575
|
0 |
2218 |
if (pstm_init_for_read_unsigned_bin(pool, &key->pubkey.y, |
|
1581
|
0 |
2218 |
if (pstm_init_size(pool, &key->pubkey.z, 1) < 0) |
|
1588
|
2218 |
0 |
switch (*in) |
|
1603
|
0 |
2218 |
if ((err = pstm_read_unsigned_bin(&key->pubkey.x, (unsigned char *) in + 1, |
|
1608
|
0 |
2218 |
if ((err = pstm_read_unsigned_bin(&key->pubkey.y, |
|
1617
|
2218 |
0 |
if (curve != NULL && curve->isOptimized) |
|
|
2218 |
0 |
if (curve != NULL && curve->isOptimized) |
|
1619
|
0 |
2218 |
if ((err = pstm_init_for_read_unsigned_bin(pool, &prime, curve->size)) < 0) |
|
1623
|
0 |
2218 |
if ((err = pstm_init_for_read_unsigned_bin(pool, &b, curve->size)) < 0) |
|
1628
|
0 |
2218 |
if ((err = pstm_read_radix(pool, &prime, curve->prime, |
|
1636
|
0 |
2218 |
if ((err = pstm_read_radix(pool, &b, curve->B, curve->size * 2, 16)) < 0) |
|
1642
|
0 |
2218 |
if ((err = eccTestPoint(pool, &key->pubkey, &prime, &b)) < 0) |
|
1680
|
0 |
2203 |
if (*outlen < (1 + 2 * numlen)) |
|
1690
|
0 |
2203 |
if ((res = pstm_to_unsigned_bin(pool, &key->pubkey.x, buf + |
|
1699
|
0 |
2203 |
if ((res = pstm_to_unsigned_bin(pool, &key->pubkey.y, buf + |
|
1733
|
0 |
2113 |
if (private_key->type != PS_PRIVKEY) |
|
1737
|
2113 |
0 |
if (public_key->curve != NULL) |
|
1739
|
0 |
2113 |
if (private_key->curve != public_key->curve) |
|
1747
|
0 |
2113 |
if (result == NULL) |
|
1752
|
0 |
2113 |
if (private_key->curve->isOptimized == 0) |
|
1754
|
0 |
0 |
if ((A = psMalloc(pool, sizeof(pstm_int))) == NULL) |
|
1760
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, A, private_key->curve->size) < 0) |
|
1767
|
0 |
0 |
if ((err = pstm_read_radix(pool, A, private_key->curve->A, |
|
1778
|
0 |
2113 |
if ((err = pstm_init_for_read_unsigned_bin(pool, &prime, |
|
1781
|
0 |
0 |
if (A) |
|
1790
|
0 |
2113 |
if ((err = pstm_read_radix(pool, &prime, private_key->curve->prime, |
|
1795
|
0 |
2113 |
if ((err = eccMulmod(pool, &private_key->k, &public_key->pubkey, result, |
|
1802
|
0 |
2113 |
if (*outlen < x) |
|
1809
|
0 |
2113 |
if ((err = pstm_to_unsigned_bin(pool, &result->x, |
|
1818
|
0 |
2113 |
if (A) |
|
1848
|
0 |
245734 |
if (pstm_init_size(pool, &t1, P->x.alloc) < 0) |
|
1853
|
0 |
245734 |
if (pstm_init_size(pool, &t2, P->x.alloc) < 0) |
|
1857
|
0 |
245734 |
if (pstm_init_size(pool, &x, P->x.alloc) < 0) |
|
1861
|
0 |
245734 |
if (pstm_init_size(pool, &y, P->y.alloc) < 0) |
|
1865
|
0 |
245734 |
if (pstm_init_size(pool, &z, P->z.alloc) < 0) |
|
1871
|
0 |
245734 |
if ((err = pstm_sub(modulus, &Q->y, &t1)) != PS_SUCCESS) |
|
1878
|
0 |
0 |
(pstm_cmp(&P->z, &Q->z) == PSTM_EQ) && |
|
1879
|
0 |
0 |
(pstm_cmp(&P->y, &Q->y) == PSTM_EQ || |
|
1886
|
0 |
245734 |
if ((err = pstm_copy(&P->x, &x)) != PS_SUCCESS) |
|
1890
|
0 |
245734 |
if ((err = pstm_copy(&P->y, &y)) != PS_SUCCESS) |
|
1894
|
0 |
245734 |
if ((err = pstm_copy(&P->z, &z)) != PS_SUCCESS) |
|
1902
|
0 |
245734 |
if ((paD = psMalloc(pool, paDlen)) == NULL) |
|
1909
|
245734 |
0 |
if (pstm_cmp_d(&Q->z, 1) != PSTM_EQ) |
|
1912
|
0 |
245734 |
if ((err = pstm_sqr_comba(pool, &Q->z, &t1, paD, paDlen)) |
|
1917
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
|
1923
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t1, &x, &x, paD, paDlen)) |
|
1928
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &x, modulus, *mp, paD, paDlen)) |
|
1934
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &Q->z, &t1, &t1, paD, paDlen)) |
|
1939
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
|
1945
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t1, &y, &y, paD, paDlen)) |
|
1950
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &y, modulus, *mp, paD, paDlen)) |
|
1958
|
0 |
245734 |
if ((err = pstm_sqr_comba(pool, &z, &t1, paD, paDlen)) != PS_SUCCESS) |
|
1962
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
|
1968
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &Q->x, &t1, &t2, paD, paDlen)) |
|
1973
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
|
1979
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &z, &t1, &t1, paD, paDlen)) != PS_SUCCESS) |
|
1983
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
|
1989
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &Q->y, &t1, &t1, paD, paDlen)) |
|
1994
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
|
2001
|
0 |
245734 |
if ((err = pstm_sub(&y, &t1, &y)) != PS_SUCCESS) |
|
2005
|
108048 |
137686 |
if (pstm_cmp_d(&y, 0) == PSTM_LT) |
|
2007
|
0 |
108048 |
if ((err = pstm_add(&y, modulus, &y)) != PS_SUCCESS) |
|
2013
|
0 |
245734 |
if ((err = pstm_add(&t1, &t1, &t1)) != PS_SUCCESS) |
|
2017
|
120799 |
124935 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
|
2019
|
0 |
120799 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
|
2025
|
0 |
245734 |
if ((err = pstm_add(&t1, &y, &t1)) != PS_SUCCESS) |
|
2029
|
117179 |
128555 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
|
2031
|
0 |
117179 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
|
2037
|
0 |
245734 |
if ((err = pstm_sub(&x, &t2, &x)) != PS_SUCCESS) |
|
2041
|
113436 |
132298 |
if (pstm_cmp_d(&x, 0) == PSTM_LT) |
|
2043
|
0 |
113436 |
if ((err = pstm_add(&x, modulus, &x)) != PS_SUCCESS) |
|
2049
|
0 |
245734 |
if ((err = pstm_add(&t2, &t2, &t2)) != PS_SUCCESS) |
|
2053
|
114465 |
131269 |
if (pstm_cmp(&t2, modulus) != PSTM_LT) |
|
2055
|
0 |
114465 |
if ((err = pstm_sub(&t2, modulus, &t2)) != PS_SUCCESS) |
|
2061
|
0 |
245734 |
if ((err = pstm_add(&t2, &x, &t2)) != PS_SUCCESS) |
|
2065
|
116974 |
128760 |
if (pstm_cmp(&t2, modulus) != PSTM_LT) |
|
2067
|
0 |
116974 |
if ((err = pstm_sub(&t2, modulus, &t2)) != PS_SUCCESS) |
|
2074
|
245734 |
0 |
if (pstm_cmp_d(&Q->z, 1) != PSTM_EQ) |
|
2077
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &z, &Q->z, &z, paD, paDlen)) |
|
2082
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &z, modulus, *mp, paD, paDlen)) |
|
2090
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &z, &x, &z, paD, paDlen)) != PS_SUCCESS) |
|
2094
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &z, modulus, *mp, paD, paDlen)) |
|
2101
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t1, &x, &t1, paD, paDlen)) != PS_SUCCESS) |
|
2105
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
|
2111
|
0 |
245734 |
if ((err = pstm_sqr_comba(pool, &x, &x, paD, paDlen)) != PS_SUCCESS) |
|
2115
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &x, modulus, *mp, paD, paDlen)) |
|
2121
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t2, &x, &t2, paD, paDlen)) != PS_SUCCESS) |
|
2125
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
|
2131
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t1, &x, &t1, paD, paDlen)) != PS_SUCCESS) |
|
2135
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
|
2142
|
0 |
245734 |
if ((err = pstm_sqr_comba(pool, &y, &x, paD, paDlen)) != PS_SUCCESS) |
|
2146
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &x, modulus, *mp, paD, paDlen)) |
|
2152
|
0 |
245734 |
if ((err = pstm_sub(&x, &t2, &x)) != PS_SUCCESS) |
|
2156
|
129332 |
116402 |
if (pstm_cmp_d(&x, 0) == PSTM_LT) |
|
2158
|
0 |
129332 |
if ((err = pstm_add(&x, modulus, &x)) != PS_SUCCESS) |
|
2165
|
0 |
245734 |
if ((err = pstm_sub(&t2, &x, &t2)) != PS_SUCCESS) |
|
2169
|
120598 |
125136 |
if (pstm_cmp_d(&t2, 0) == PSTM_LT) |
|
2171
|
0 |
120598 |
if ((err = pstm_add(&t2, modulus, &t2)) != PS_SUCCESS) |
|
2177
|
0 |
245734 |
if ((err = pstm_sub(&t2, &x, &t2)) != PS_SUCCESS) |
|
2181
|
110753 |
134981 |
if (pstm_cmp_d(&t2, 0) == PSTM_LT) |
|
2183
|
0 |
110753 |
if ((err = pstm_add(&t2, modulus, &t2)) != PS_SUCCESS) |
|
2189
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t2, &y, &t2, paD, paDlen)) != PS_SUCCESS) |
|
2193
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
|
2199
|
0 |
245734 |
if ((err = pstm_sub(&t2, &t1, &y)) != PS_SUCCESS) |
|
2203
|
123892 |
121842 |
if (pstm_cmp_d(&y, 0) == PSTM_LT) |
|
2205
|
0 |
123892 |
if ((err = pstm_add(&y, modulus, &y)) != PS_SUCCESS) |
|
2211
|
245734 |
0 |
if (pstm_isodd(&y)) |
|
|
113542 |
132192 |
if (pstm_isodd(&y)) |
|
2213
|
0 |
113542 |
if ((err = pstm_add(&y, modulus, &y)) != PS_SUCCESS) |
|
2218
|
0 |
245734 |
if ((err = pstm_div_2(&y, &y)) != PS_SUCCESS) |
|
2223
|
0 |
245734 |
if ((err = pstm_copy(&x, &R->x)) != PS_SUCCESS) |
|
2227
|
0 |
245734 |
if ((err = pstm_copy(&y, &R->y)) != PS_SUCCESS) |
|
2231
|
0 |
245734 |
if ((err = pstm_copy(&z, &R->z)) != PS_SUCCESS) |
|
2248
|
245734 |
0 |
if (paD) |
|
2276
|
2142 |
1108065 |
if (P != R) |
|
2278
|
0 |
2142 |
if (pstm_copy(&P->x, &R->x) < 0) |
|
2282
|
0 |
2142 |
if (pstm_copy(&P->y, &R->y) < 0) |
|
2286
|
0 |
2142 |
if (pstm_copy(&P->z, &R->z) < 0) |
|
2293
|
1337 |
1108870 |
if (R->y.used > initSize) |
|
2297
|
0 |
1110207 |
if (R->z.used > initSize) |
|
2302
|
0 |
1110207 |
if (pstm_init_size(pool, &t1, (initSize * 2) + 1) < 0) |
|
2306
|
0 |
1110207 |
if (pstm_init_size(pool, &t2, (initSize * 2) + 1) < 0) |
|
2315
|
0 |
1110207 |
if ((paD = psMalloc(pool, paDlen)) == NULL) |
|
2322
|
0 |
1110207 |
if ((err = pstm_sqr_comba(pool, &R->z, &t1, paD, paDlen)) != PS_SUCCESS) |
|
2326
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
|
2332
|
0 |
1110207 |
if ((err = pstm_mul_comba(pool, &R->z, &R->y, &R->z, paD, paDlen)) |
|
2337
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->z, modulus, *mp, paD, paDlen)) |
|
2343
|
0 |
1110207 |
if ((err = pstm_add(&R->z, &R->z, &R->z)) != PS_SUCCESS) |
|
2347
|
537122 |
573085 |
if (pstm_cmp(&R->z, modulus) != PSTM_LT) |
|
2349
|
0 |
537122 |
if ((err = pstm_sub(&R->z, modulus, &R->z)) != PS_SUCCESS) |
|
2356
|
1110207 |
0 |
if (A == NULL) |
|
2359
|
0 |
1110207 |
if ((err = pstm_sub(&R->x, &t1, &t2)) != PS_SUCCESS) |
|
2363
|
577888 |
532319 |
if (pstm_cmp_d(&t2, 0) == PSTM_LT) |
|
2365
|
0 |
577888 |
if ((err = pstm_add(&t2, modulus, &t2)) != PS_SUCCESS) |
|
2371
|
0 |
1110207 |
if ((err = pstm_add(&t1, &R->x, &t1)) != PS_SUCCESS) |
|
2375
|
533544 |
576663 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
|
2377
|
0 |
533544 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
|
2383
|
0 |
1110207 |
if ((err = pstm_mul_comba(pool, &t1, &t2, &t2, paD, paDlen)) != PS_SUCCESS) |
|
2387
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
|
2393
|
0 |
1110207 |
if ((err = pstm_add(&t2, &t2, &t1)) != PS_SUCCESS) |
|
2397
|
542035 |
568172 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
|
2399
|
0 |
542035 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
|
2405
|
0 |
1110207 |
if ((err = pstm_add(&t1, &t2, &t1)) != PS_SUCCESS) |
|
2409
|
567417 |
542790 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
|
2411
|
0 |
567417 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
|
2422
|
0 |
0 |
if (pstm_init_size(pool, &t3, (initSize * 2) + 1) < 0) |
|
2426
|
0 |
0 |
if (pstm_init_size(pool, &t4, (initSize * 2) + 1) < 0) |
|
2433
|
0 |
0 |
if ((err = pstm_sqr_comba(pool, &R->x, &t3, paD, paDlen)) != PS_SUCCESS) |
|
2437
|
0 |
0 |
if ((err = pstm_montgomery_reduce(pool, &t3, modulus, *mp, paD, paDlen)) |
|
2444
|
0 |
0 |
if ((err = pstm_add(&t3, &t3, &t4)) != PS_SUCCESS) |
|
2448
|
0 |
0 |
if (pstm_cmp(&t4, modulus) != PSTM_LT) |
|
2450
|
0 |
0 |
if ((err = pstm_sub(&t4, modulus, &t4)) != PS_SUCCESS) |
|
2457
|
0 |
0 |
if ((err = pstm_add(&t3, &t4, &t3)) != PS_SUCCESS) |
|
2461
|
0 |
0 |
if (pstm_cmp(&t3, modulus) != PSTM_LT) |
|
2463
|
0 |
0 |
if ((err = pstm_sub(&t3, modulus, &t3)) != PS_SUCCESS) |
|
2470
|
0 |
0 |
if ((err = pstm_sqr_comba(pool, &t1, &t4, paD, paDlen)) != PS_SUCCESS) |
|
2474
|
0 |
0 |
if ((err = pstm_mod(pool, &t4, modulus, &t4)) != PS_SUCCESS) |
|
2480
|
0 |
0 |
if ((err = pstm_mul_comba(pool, &t4, A, &t4, paD, paDlen)) != PS_SUCCESS) |
|
2485
|
0 |
0 |
if ((err = pstm_montgomery_reduce(pool, &t4, modulus, *mp, paD, paDlen)) |
|
2492
|
0 |
0 |
if ((err = pstm_add(&t3, &t4, &t1)) != PS_SUCCESS) |
|
2496
|
0 |
0 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
|
2498
|
0 |
0 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
|
2508
|
0 |
1110207 |
if ((err = pstm_add(&R->y, &R->y, &R->y)) != PS_SUCCESS) |
|
2512
|
558135 |
552072 |
if (pstm_cmp(&R->y, modulus) != PSTM_LT) |
|
2514
|
0 |
558135 |
if ((err = pstm_sub(&R->y, modulus, &R->y)) != PS_SUCCESS) |
|
2520
|
0 |
1110207 |
if ((err = pstm_sqr_comba(pool, &R->y, &R->y, paD, paDlen)) != PS_SUCCESS) |
|
2524
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->y, modulus, *mp, paD, paDlen)) |
|
2530
|
0 |
1110207 |
if ((err = pstm_sqr_comba(pool, &R->y, &t2, paD, paDlen)) != PS_SUCCESS) |
|
2534
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
|
2540
|
1110207 |
0 |
if (pstm_isodd(&t2)) |
|
|
566850 |
543357 |
if (pstm_isodd(&t2)) |
|
2542
|
0 |
566850 |
if ((err = pstm_add(&t2, modulus, &t2)) != PS_SUCCESS) |
|
2547
|
0 |
1110207 |
if ((err = pstm_div_2(&t2, &t2)) != PS_SUCCESS) |
|
2552
|
0 |
1110207 |
if ((err = pstm_mul_comba(pool, &R->y, &R->x, &R->y, paD, paDlen)) |
|
2557
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->y, modulus, *mp, paD, paDlen)) |
|
2564
|
0 |
1110207 |
if ((err = pstm_sqr_comba(pool, &t1, &R->x, paD, paDlen)) != PS_SUCCESS) |
|
2568
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->x, modulus, *mp, paD, paDlen)) |
|
2574
|
0 |
1110207 |
if ((err = pstm_sub(&R->x, &R->y, &R->x)) != PS_SUCCESS) |
|
2578
|
561429 |
548778 |
if (pstm_cmp_d(&R->x, 0) == PSTM_LT) |
|
2580
|
0 |
561429 |
if ((err = pstm_add(&R->x, modulus, &R->x)) != PS_SUCCESS) |
|
2586
|
0 |
1110207 |
if ((err = pstm_sub(&R->x, &R->y, &R->x)) != PS_SUCCESS) |
|
2590
|
553863 |
556344 |
if (pstm_cmp_d(&R->x, 0) == PSTM_LT) |
|
2592
|
0 |
553863 |
if ((err = pstm_add(&R->x, modulus, &R->x)) != PS_SUCCESS) |
|
2599
|
0 |
1110207 |
if ((err = pstm_sub(&R->y, &R->x, &R->y)) != PS_SUCCESS) |
|
2603
|
524235 |
585972 |
if (pstm_cmp_d(&R->y, 0) == PSTM_LT) |
|
2605
|
0 |
524235 |
if ((err = pstm_add(&R->y, modulus, &R->y)) != PS_SUCCESS) |
|
2611
|
0 |
1110207 |
if ((err = pstm_mul_comba(pool, &R->y, &t1, &R->y, paD, paDlen)) |
|
2616
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->y, modulus, *mp, paD, paDlen)) |
|
2622
|
0 |
1110207 |
if ((err = pstm_sub(&R->y, &t2, &R->y)) != PS_SUCCESS) |
|
2626
|
574032 |
536175 |
if (pstm_cmp_d(&R->y, 0) == PSTM_LT) |
|
2628
|
0 |
574032 |
if ((err = pstm_add(&R->y, modulus, &R->y)) != PS_SUCCESS) |
|
2637
|
1110207 |
0 |
if (paD) |
|
2654
|
0 |
21420 |
if (p == NULL) |
|
2659
|
0 |
21420 |
if (size == 0) |
|
2661
|
0 |
0 |
if (pstm_init(pool, &p->x) != PSTM_OKAY) |
|
2665
|
0 |
0 |
if (pstm_init(pool, &p->y) != PSTM_OKAY) |
|
2669
|
0 |
0 |
if (pstm_init(pool, &p->z) != PSTM_OKAY) |
|
2676
|
0 |
21420 |
if (pstm_init_size(pool, &p->x, size) != PSTM_OKAY) |
|
2680
|
0 |
21420 |
if (pstm_init_size(pool, &p->y, size) != PSTM_OKAY) |
|
2684
|
0 |
21420 |
if (pstm_init_size(pool, &p->z, size) != PSTM_OKAY) |
|
2705
|
21420 |
0 |
if (p != NULL) |
|
2729
|
0 |
2142 |
if (pstm_init_size(pool, &t1, P->x.alloc) < 0) |
|
2733
|
0 |
2142 |
if (pstm_init_size(pool, &t2, P->x.alloc) < 0) |
|
2741
|
0 |
2142 |
if ((paD = psMalloc(pool, paDlen)) == NULL) |
|
2748
|
0 |
2142 |
if ((err = pstm_montgomery_reduce(pool, &P->z, modulus, *mp, paD, paDlen)) |
|
2755
|
0 |
2142 |
if ((err = pstm_invmod(pool, &P->z, modulus, &t1)) != PS_SUCCESS) |
|
2761
|
0 |
2142 |
if ((err = pstm_sqr_comba(pool, &t1, &t2, paD, paDlen)) != PS_SUCCESS) |
|
2765
|
0 |
2142 |
if ((err = pstm_mod(pool, &t2, modulus, &t2)) != PS_SUCCESS) |
|
2769
|
0 |
2142 |
if ((err = pstm_mul_comba(pool, &t1, &t2, &t1, paD, paDlen)) != PS_SUCCESS) |
|
2773
|
0 |
2142 |
if ((err = pstm_mod(pool, &t1, modulus, &t1)) != PS_SUCCESS) |
|
2779
|
0 |
2142 |
if ((err = pstm_mul_comba(pool, &P->x, &t2, &P->x, paD, paDlen)) |
|
2784
|
0 |
2142 |
if ((err = pstm_montgomery_reduce(pool, &P->x, modulus, *mp, paD, paDlen)) |
|
2789
|
0 |
2142 |
if ((err = pstm_mul_comba(pool, &P->y, &t1, &P->y, paD, paDlen)) |
|
2794
|
0 |
2142 |
if ((err = pstm_montgomery_reduce(pool, &P->y, modulus, *mp, paD, paDlen)) |
|
2803
|
2142 |
0 |
if (paD) |
|
2844
|
0 |
0 |
if ((err = getAsnSequence(&c, (uint16_t) (end - c), &len)) < 0) |
|
2849
|
0 |
0 |
if ((err = pstm_read_asn(pool, &c, (uint16_t) (end - c), &r)) < 0) |
|
2854
|
0 |
0 |
if ((err = pstm_read_asn(pool, &c, (uint16_t) (end - c), &s)) < 0) |
|
2863
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &p, key->curve->size) < 0) |
|
2870
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &m, key->curve->size) < 0) |
|
2874
|
0 |
0 |
if (pstm_init_size(pool, &v, key->pubkey.x.alloc) < 0) |
|
2878
|
0 |
0 |
if (pstm_init_size(pool, &w, s.alloc) < 0) |
|
2883
|
0 |
0 |
if (buflen > key->curve->size) |
|
2887
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &e, buflen) < 0) |
|
2891
|
0 |
0 |
if (pstm_init_size(pool, &u1, e.alloc + w.alloc) < 0) |
|
2895
|
0 |
0 |
if (pstm_init_size(pool, &u2, r.alloc + w.alloc) < 0) |
|
2901
|
0 |
0 |
if ((mG = eccNewPoint(pool, key->pubkey.x.alloc * 2)) == NULL) |
|
2905
|
0 |
0 |
if ((mQ = eccNewPoint(pool, key->pubkey.x.alloc * 2)) == NULL) |
|
2911
|
0 |
0 |
if ((err = pstm_read_radix(pool, &p, key->curve->order, radlen, 16)) |
|
2918
|
0 |
0 |
if ((err = pstm_read_radix(pool, &m, key->curve->prime, radlen, 16)) |
|
2925
|
0 |
0 |
if (pstm_iszero(&r) || pstm_iszero(&s) || pstm_cmp(&r, &p) != PSTM_LT || |
|
|
0 |
0 |
if (pstm_iszero(&r) || pstm_iszero(&s) || pstm_cmp(&r, &p) != PSTM_LT || |
|
2933
|
0 |
0 |
if ((err = pstm_read_unsigned_bin(&e, buf, buflen)) != PS_SUCCESS) |
|
2939
|
0 |
0 |
if ((err = pstm_invmod(pool, &s, &p, &w)) != PS_SUCCESS) |
|
2945
|
0 |
0 |
if ((err = pstm_mulmod(pool, &e, &w, &p, &u1)) != PS_SUCCESS) |
|
2951
|
0 |
0 |
if ((err = pstm_mulmod(pool, &r, &w, &p, &u2)) != PS_SUCCESS) |
|
2957
|
0 |
0 |
if ((err = pstm_read_radix(pool, &mG->x, key->curve->Gx, radlen, 16)) |
|
2962
|
0 |
0 |
if ((err = pstm_read_radix(pool, &mG->y, key->curve->Gy, radlen, 16)) |
|
2969
|
0 |
0 |
if ((err = pstm_copy(&key->pubkey.x, &mQ->x)) != PS_SUCCESS) |
|
2973
|
0 |
0 |
if ((err = pstm_copy(&key->pubkey.y, &mQ->y)) != PS_SUCCESS) |
|
2977
|
0 |
0 |
if ((err = pstm_copy(&key->pubkey.z, &mQ->z)) != PS_SUCCESS) |
|
2982
|
0 |
0 |
if (key->curve->isOptimized == 0) |
|
2984
|
0 |
0 |
if ((A = psMalloc(pool, sizeof(pstm_int))) == NULL) |
|
2989
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, A, key->curve->size) < 0) |
|
2994
|
0 |
0 |
if ((err = pstm_read_radix(pool, A, key->curve->A, |
|
3003
|
0 |
0 |
if ((err = eccMulmod(pool, &u1, mG, mG, &m, 0, A)) != PS_SUCCESS) |
|
3007
|
0 |
0 |
if ((err = eccMulmod(pool, &u2, mQ, mQ, &m, 0, A)) != PS_SUCCESS) |
|
3013
|
0 |
0 |
if ((err = pstm_montgomery_setup(&m, &mp)) != PS_SUCCESS) |
|
3019
|
0 |
0 |
if ((err = eccProjectiveAddPoint(pool, mQ, mG, mG, &m, &mp, A)) != PS_SUCCESS) |
|
3025
|
0 |
0 |
if ((err = eccMap(pool, mG, &m, &mp)) != PS_SUCCESS) |
|
3031
|
0 |
0 |
if ((err = pstm_mod(pool, &mG->x, &p, &v)) != PS_SUCCESS) |
|
3037
|
0 |
0 |
if (pstm_cmp(&v, &r) == PSTM_EQ) |
|
3046
|
0 |
0 |
if (A) |
|
3106
|
0 |
0 |
if (privKey->type != PS_PRIVKEY) |
|
3112
|
0 |
0 |
if (buflen > privKey->curve->size) |
|
3118
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &p, privKey->curve->size) < 0) |
|
3122
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &e, buflen) < 0) |
|
3126
|
0 |
0 |
if (pstm_init_size(pool, &r, p.alloc) < 0) |
|
3130
|
0 |
0 |
if (pstm_init_size(pool, &s, p.alloc) < 0) |
|
3135
|
0 |
0 |
if ((err = pstm_read_radix(pool, &p, privKey->curve->order, radlen, |
|
3140
|
0 |
0 |
if ((err = pstm_read_unsigned_bin(&e, buf, buflen)) != PS_SUCCESS) |
|
3149
|
0 |
0 |
if (sanity++ > 99) |
|
3155
|
0 |
0 |
if ((err = psEccGenKey(pool, &pubKey, privKey->curve, usrData)) |
|
3161
|
0 |
0 |
if ((err = pstm_mod(pool, &pubKey.pubkey.x, &p, &r)) != PS_SUCCESS) |
|
3166
|
0 |
0 |
if (pstm_iszero(&r) == PS_TRUE) |
|
3173
|
0 |
0 |
if ((err = pstm_invmod(pool, &pubKey.k, &p, &pubKey.k)) != |
|
3178
|
0 |
0 |
if ((err = pstm_mulmod(pool, &privKey->k, &r, &p, &s)) |
|
3183
|
0 |
0 |
if ((err = pstm_add(&e, &s, &s)) != PS_SUCCESS) |
|
3187
|
0 |
0 |
if ((err = pstm_mod(pool, &s, &p, &s)) != PS_SUCCESS) |
|
3191
|
0 |
0 |
if ((err = pstm_mulmod(pool, &s, &pubKey.k, &p, &s)) |
|
3202
|
0 |
0 |
if (((rLen + 6) >= privKey->curve->size) && |
|
|
0 |
0 |
if (((rLen + 6) >= privKey->curve->size) && |
|
3205
|
0 |
0 |
if (pstm_iszero(&s) == PS_FALSE) |
|
3216
|
0 |
0 |
if (negative[rLen - 1] & 0x80) |
|
3222
|
0 |
0 |
if (negative[sLen - 1] & 0x80) /* GOOD ONE */ |
|
3230
|
0 |
0 |
if (olen - 3 >= 128) |
|
3236
|
0 |
0 |
if (includeSize) |
|
3238
|
0 |
0 |
if (olen + 2 > *siglen) |
|
3249
|
0 |
0 |
if (olen > *siglen) |
|
3258
|
0 |
0 |
if ((olen - 3) >= 128) |
|
3271
|
0 |
0 |
if (includeSize) |
|
3279
|
0 |
0 |
if (rflag) |
|
3283
|
0 |
0 |
if ((err = pstm_to_unsigned_bin(pool, &r, sig)) != PSTM_OKAY) |
|
3291
|
0 |
0 |
if (sflag) |
|
3295
|
0 |
0 |
if ((err = pstm_to_unsigned_bin(pool, &s, sig)) != PSTM_OKAY) |